[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH] fix bit fields extraction and prevent overflow
|
From: |
Alexandra Diupina |
|
Subject: |
[PATCH] fix bit fields extraction and prevent overflow |
|
Date: |
Wed, 24 Apr 2024 21:13:21 +0300 |
Add a type cast and use extract64() instead of extract32()
to avoid integer overflow on addition. Fix bit fields
extraction according to documentation.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Fixes: d3c6369a96 ("introduce xlnx-dpdma")
Signed-off-by: Alexandra Diupina <adiupina@astralinux.ru>
---
hw/dma/xlnx_dpdma.c | 20 ++++++++++----------
1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/hw/dma/xlnx_dpdma.c b/hw/dma/xlnx_dpdma.c
index 1f5cd64ed1..52e8c594fe 100644
--- a/hw/dma/xlnx_dpdma.c
+++ b/hw/dma/xlnx_dpdma.c
@@ -175,24 +175,24 @@ static uint64_t
xlnx_dpdma_desc_get_source_address(DPDMADescriptor *desc,
switch (frag) {
case 0:
- addr = desc->source_address
- + (extract32(desc->address_extension, 16, 12) << 20);
+ addr = (uint64_t)desc->source_address
+ + (extract64(desc->address_extension, 16, 12) << 20);
break;
case 1:
- addr = desc->source_address2
- + (extract32(desc->address_extension_23, 0, 12) << 8);
+ addr = (uint64_t)desc->source_address2
+ + (extract64(desc->address_extension_23, 0, 12) << 8);
break;
case 2:
- addr = desc->source_address3
- + (extract32(desc->address_extension_23, 16, 12) << 20);
+ addr = (uint64_t)desc->source_address3
+ + (extract64(desc->address_extension_23, 16, 12) << 20);
break;
case 3:
- addr = desc->source_address4
- + (extract32(desc->address_extension_45, 0, 12) << 8);
+ addr = (uint64_t)desc->source_address4
+ + (extract64(desc->address_extension_45, 0, 12) << 8);
break;
case 4:
- addr = desc->source_address5
- + (extract32(desc->address_extension_45, 16, 12) << 20);
+ addr = (uint64_t)desc->source_address5
+ + (extract64(desc->address_extension_45, 16, 12) << 20);
break;
default:
addr = 0;
--
2.30.2
- [PATCH RFC] prevent overflow in xlnx_dpdma_desc_get_source_address(), Alexandra Diupina, 2024/04/12
- Re: [PATCH RFC] prevent overflow in xlnx_dpdma_desc_get_source_address(), Peter Maydell, 2024/04/12
- Re: [PATCH RFC] prevent overflow in xlnx_dpdma_desc_get_source_address(), Alexandra Diupina, 2024/04/16
- RE: [PATCH RFC] prevent overflow in xlnx_dpdma_desc_get_source_address(), Konrad, Frederic, 2024/04/17
- Re: [PATCH RFC] prevent overflow in xlnx_dpdma_desc_get_source_address(), Alexandra Diupina, 2024/04/23
- Re: [PATCH RFC] prevent overflow in xlnx_dpdma_desc_get_source_address(), Peter Maydell, 2024/04/23
- [PATCH v2 RFC] fix host-endianness bug and prevent overflow, Alexandra Diupina, 2024/04/24
- Re: [PATCH v2 RFC] fix host-endianness bug and prevent overflow, Peter Maydell, 2024/04/24
- [PATCH] fix bit fields extraction and prevent overflow,
Alexandra Diupina <=
- Re: [PATCH] fix bit fields extraction and prevent overflow, Peter Maydell, 2024/04/25
- [PATCH] fix host-endianness bug, Alexandra Diupina, 2024/04/24
- Re: [PATCH] fix host-endianness bug, Peter Maydell, 2024/04/25
- [PATCH v2] fix host-endianness bug, Alexandra Diupina, 2024/04/25
- Re: [PATCH v2] fix host-endianness bug, Philippe Mathieu-Daudé, 2024/04/25
- [PATCH v3] fix endianness bug, Alexandra Diupina, 2024/04/25
- Re: [PATCH v3] fix endianness bug, Richard Henderson, 2024/04/25